Gnu: >> Binutils >> 2.35 Security Vulnerabilities
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-08-22
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-08-22
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-22
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-22
Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-08-22
A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.
CVSS Score
6.5
EPSS Score
0.0
Published
2023-05-17
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-27
In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-08-26
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-12-15
A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability.
CVSS Score
7.8
EPSS Score
0.157
Published
2021-04-29